Reports say hackers stole millions of dollars from Target and Neiman Marcus before season officially opened
A global malware attack which briefly shut down hundreds of electronic payments systems in the United States and other parts of the world failed to disrupt the majority of the Christmas shopping season, according to industry officials.
The malware, dubbed WannaCry, was disguised as a virus sending payments for entertainment and fashion goods and struck on Monday as shoppers flocked to stores, malls and websites to begin their end-of-year shopping.
WannaCry, which can take advantage of a flaw in Microsoft’s software, caused disruptions to hotels, airlines, hospitals and even the US Navy’s Pacific fleet.
The Guardian view on WannaCry: cancelling the false sense of security | Editorial Read more
Cable TV and rail companies including Comcast and Time Warner also reported being the victims of WannaCry. Other countries that were hit included China, Canada, Spain, Argentina, Brazil, France, Switzerland, Russia and the United Kingdom.
Walmart, Sears, Macy’s, Amazon and other chains reported problems on Cyber Monday, the internet’s biggest day for online sales.
Analyst Richard Weinberg, chief executive of threat intelligence company S2 Intelligence, said he expected much of the cost to be covered by insurers or PayPal.
“This is the tip of the iceberg,” Weinberg said. “This is just the beginning.”
Retailers not directly hit by the cyber attack have been bracing for the possibility of them being targeted. Companies that rely on credit card transactions for revenue are required to be more vigilant against cyber attacks than companies that sell fast-moving consumer goods or house the hoses that keep the stream of shoppers flowing.
In 2014, Target Corp suffered a massive breach during the holiday season which the company at the time said led to the theft of data from 40 million credit and debit cards.
Cyber Monday, which is also known as Green Monday, is an unofficial kick-off to holiday shopping. Shoppers took advantage of deep discounts to buy toys, clothes and electronics.
The malware attack was initially aimed at at security at Russia’s Rossiya bank, said Jake Williams, a security researcher and former NSA hacker. Williams said the virus is most likely to be used to extort, but could be modified to do other things, including to attack payment systems.
Karen Ross, a spokesman for Neiman Marcus, said more than 100 payment terminals were affected by the virus, which infected those terminals to create transactions. Officials at Target said they were not aware of any account information being taken.
News of the attack spread to the United States and other parts of the world on Tuesday, forcing workers to report to work under tighter security.
Washington state’s banking regulator said the malware was discovered during routine operations as part of the state’s regularly scheduled security scans. The Department of Financial Institutions also said the virus spread to servers at a small number of state-approved banks.
“It is safe to visit the web-based websites of state-regulated financial institutions and local community banks,” DCFI said. “The banks in Washington state have taken appropriate steps to address this issue and are fully operational.”
Wisconsin regulators said the virus targeted websites used to process online payments.